Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fc409cdc authored by Kholoud Mohamed's avatar Kholoud Mohamed Committed by Automerger Merge Worker
Browse files

Merge "Fix security vulnerability in DPMS#setProfileOwner" into sc-dev am: 5f1dcc5d 

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/14327562

Change-Id: Id0f577dfbd41f12109ff0c413a432a0c7012f3b9
parents 4fa3178c 5f1dcc5d

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+5 −4
Original line number Diff line number Diff line
@@ -8558,11 +8558,12 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager { 
        synchronized (getLockObject()) {

            enforceCanSetProfileOwnerLocked(

                    caller, who, userHandle, hasIncompatibleAccountsOrNonAdb);

            Preconditions.checkArgument(isPackageInstalledForUser(who.getPackageName(), userHandle),

                    "Component " + who + " not installed for userId:" + userHandle);

            final ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);

            Preconditions.checkArgument(admin != null && !getUserData(

                    userHandle).mRemovingAdmins.contains(who), "Not active admin: " + who);

            Preconditions.checkArgument(

                    isPackageInstalledForUser(who.getPackageName(), userHandle)

                            && admin != null

                            && !getUserData(userHandle).mRemovingAdmins.contains(who),

                    "Not active admin: " + who);















            final int parentUserId = getProfileParentId(userHandle);















            // When trying to set a profile owner on a new user, it may be that this user is